On Sun, January 3, 2016 21:30, Daniel M. wrote:
> Heya and a Happy New Year !!!
>
> Might be that I'm wrong here but I know that there are some ppl here who
> could know the answer to this.
>
> I have the following iptables setup:
>
> iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
> iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 60 --hitcount 6 -j DROP

Hello Daniel,

I looked at your config settings and conntrack is in the kernel for ipv4. I would look at your command:

iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set

--set needs some more such as:

iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name SSH
iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 60 --hitcount 6 --name SSH -j DROP

See if setting the --name properly helps.

Sincerely,
William Harrington
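
Added example, not part of the original message: a small Python model of how the two rules in the reply interact through the named recent list, run over constructed traffic. The class and function names, the second list name SSHD and the sample addresses are assumptions made for illustration, and time is counted in seconds rather than kernel jiffies.

```python
from collections import defaultdict

PKT_LIST_TOT = 20  # xt_recent default: timestamps remembered per address


class RecentLists:
    """Simplified model of named xt_recent lists (time in seconds)."""

    def __init__(self):
        self.lists = defaultdict(lambda: defaultdict(list))

    def set(self, name, src, now):
        """--set: record this packet's source address in the list."""
        stamps = self.lists[name][src]
        stamps.append(now)
        del stamps[:-PKT_LIST_TOT]  # keep only the newest timestamps

    def update(self, name, src, now, seconds, hitcount):
        """--update: match if src has >= hitcount stamps in the last
        `seconds`; a matching packet is itself recorded in the list."""
        stamps = self.lists[name].get(src, [])
        hits = sum(1 for t in stamps if t >= now - seconds)
        if hits < hitcount:
            return False
        self.set(name, src, now)
        return True


def filter_ssh(packets, set_name="SSH", update_name="SSH"):
    """Pass (time, source) NEW packets for tcp/22 through both rules."""
    recent, verdicts = RecentLists(), []
    for now, src in packets:
        recent.set(set_name, src, now)                    # rule 1: --set
        dropped = recent.update(update_name, src, now, 60, 6)  # rule 2
        verdicts.append("DROP" if dropped else "CONTINUE")
    return verdicts


# Constructed traffic: one busy client and one ordinary client.
A, B = "203.0.113.5", "198.51.100.7"
SAMPLE = [(0, A), (5, A), (10, A), (12, B), (15, A), (20, A),
          (25, A), (30, A), (78, A), (150, A)]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, filter_ssh(SAMPLE)):
        print(pkt, verdict)
    # Rules that name different lists never match in rule 2.
    print(filter_ssh(SAMPLE, update_name="SSHD"))
```

The sixth NEW packet from the busy client inside 60 seconds is dropped, and each dropped packet is recorded again, so the attempt at t=78 is still dropped while the one at t=150 passes. When the two rules name different lists, rule 2 never matches.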
